Windows 11 silently copies your "My Documents" "My Pictures" "Desktop" to OneDrive cloud storage

On February or March 2024, It seems OneDrive silently altered the sync settings and now it automatically copies "My Documents" "My Pictures" and "Desktop" onto OneDrive when the computer is logged on Microsoft account to Windows 11 computer.

If you are using Windows 11 Home operating system or logging in Windows 11 Pro computer with Microsoft account, it is necessary to check sync settings of OneDrive.

For security reasons, it is better to not store items onto "My Documents" "My Pictures" "My Videos" "My Music" "Desktop" because it is typical target folder of “ransomware”

A strong case for using Audiophile Optimizer, to get rid of all this and more. 

41 minutes ago, The Computer Audiophile said:

A strong case for using Audiophile Optimizer, to get rid of all this and more. 

Or Linux, which also gives supported access to ZFS.

It's not very secret.

It's part of your windows setup, when you sign in for the first time with our windows account.

It will ask you what to sync, if yo just click OK, then you need to manually modify the settings later.

Ondrive settings => Sync and backup => Manage backup

Not that I am aware of. I de-activated one-drive from the start during my initial setup and 2 years later it's still turned off.

But with todays MS issues (Crowdstrike) everything was turned off

4 minutes ago, Wheaten said:

Not that I am aware of. I de-activated one-drive from the start during my initial setup and 2 years later it's still turned off.

But with todays MS issues (Crowdstrike) everything was turned off

Crowdstrike is not MS. Their network software had a bug, when they pushed out a new version. On them, not MS.

didn't say MS was the root cause, But MS showed the issue 😉(English is not my native tongue)

1 hour ago, Wheaten said:

didn't say MS was the root cause, But MS showed the issue 😉(English is not my native tongue)

Because the update was for their software which runs on Windows.

My understanding is, Microsoft Windows has a fundamental design flaw that enables 3rd party app to crash instantly and prevent next boot.

Usually operating system do not allow such action to any 3rd party app.

I'm a seasoned Microsoft fan and do not surprised at all about it, you should feel lucky when Windows works and do not crash. if it crash often, increases the joy when it runs well.

40 minutes ago, yamamoto2002 said:

My understanding is, Microsoft Windows has a fundamental design flaw that enables 3rd party app to crash instantly and prevent next boot.

Usually operating system do not allow such action to any 3rd party app.

 

I'm a seasoned Microsoft fan and do not surprised at all about it, you should feel lucky when Windows works and do not crash. if it crash often, increases the joy when it runs well.

Crowdstrike agent is installed as a kernel-level driver, and not as a user-level app. At kernel level, software has a lot more direct access to hardware and can easily crash Windows when it misbehaves. This is (mostly) not a MSFT flaw in this case, although it certainly doesn’t mean MSFT can’t be blamed for thousands of other critical bugs and crashes ;)

This is similar to a UPS. It must sit between the power outlet and the computer(s). When the thing that was designed to keep the computer running fails, the computer fails. If the UPS doesn’t sit there, it’s useless. 
 

Without kernel level access, the software may not be useless, but it’s not very effective. 
 

Stuff happens. Hopefully the good guys learn, and nation state bad actors aren’t paying attention. Injecting code into CrowdStrike’s update appears to be a great way for the bad guys to take a lot of infrastructure down quickly. 

Just tried Win11debloat, it's a powershell script that removes garbage from Win11.

I gave up counting after 20 apps, guess about 100 or more apps that can be removed disabled, depends what you want to keep. One drive is listed as an app to delete. 

Also asks to retain Explorer win10 style context menu, start menu, Win11debloat is free at github. 

Cross checked against what's removed and seems to be what's promised.

For audio, you could go further, like stop printing services and the like, s'pose. Meseems enough is good enough with the debloat.

I block the connection to OneDrive with firewall rules but the blocking list should be updated when Microsoft decided to use different domain name. onedrive.com, onedrive.live.com, 1drv.com, storage.live.com, skydrive.live.com, settings.live.net, livefilestore.com, ...

The same nonsense happens on blocking Facebook. facebook.com, fb.com, fb.net, facebook.net, instagram.com, instagram.net, threads.net, ...

I have OneDrive un-installed as well as other non-essential apps. Try that with Apple's OS or Android. You can't.

One thing to say is, all OS's have flaws, it is the nature of the beast.

There were other affects of the CrowdStrike bug, but MS was the biggest. I mean the Airlines still use antiquated software (non-MS) and they were hit bad also.

10 hours ago, botrytis said:

There were other affects of the CrowdStrike bug, but MS was the biggest. I mean the Airlines still use antiquated software (non-MS) and they were hit bad also.

My guess is that it was because of systems used in the backend by the FAA and/or ATC rather than the airlines. The air traffic control system is pretty complicated. Imagine controlling all these planes at once.

edit: yes, that was a live look at airplanes in the air over the continental USA at the time the screenshot was taken.

Airline traffic

Military traffic

Civilian traffic

high altitude balloons

etc...
 

edit 2: It also ties into why a delay in Chicago, for example, will cause a domino effect throughout the system. Every flight is on a schedule determined in part by the schedules of all the other flights, for the most part, and it's decided by computer systems. Thus, when flights in or out of Chicago get delayed, that creates a domino effect of all the flights that were scheduled based on those flights being on time and it causes the delays to roll down the line to all the other locations. This is also why flights are just cancelled until a certain day when they can start back up again on time. This applies to airlines, usually business aviation and private aviation get to fly on their own schedule, but there are exceptions.

The FAA software is 40 yrs old and not based on MS, sorry. That is why the DoT keeps asking for money to upgrade it.

4 minutes ago, bobfa said:

OK this is OT but The Crowdstrike issue goes a lot deeper.  Here is an interesting take on that.  

https://stratechery.com/2024/crashes-and-competition/

 

 

Wonderful article.

There's always more to the story and more nuance.

5 hours ago, bobfa said:

OK this is OT but The Crowdstrike issue goes a lot deeper.  Here is an interesting take on that.  

https://stratechery.com/2024/crashes-and-competition/

Interesting. so, competitor OS prohibit for 3rd party antivirus to run in kernel mode or patch the kernel, but, Microsoft cannot prohibit them as others did, because of EU region antitrust concerns... It is somewhat difficult to perform recurrence prevention by fixing the root cause.

On 7/23/2024 at 12:13 PM, bobfa said:

OK this is OT but The Crowdstrike issue goes a lot deeper.  Here is an interesting take on that.  

https://stratechery.com/2024/crashes-and-competition/

 

 

Weeeeell ...

You notice that Microsoft systems have been far far far more subject to viruses and show stopper bugs than Unix derived e.g Linux, OpenBSD, Apple and the concept that its just because there are so many more Windows installs is false: Microsoft itself uses 'Linux' on its cloud and network OS, as does Google, Meta, Amazon/AWS

If the geniouses at Microsoft had included bullet proof anti-virus in their kernel there would be no reason for sus antvirus companies. e.g. Apple sandboxes their iPhone

I mean all the real dealbreaker intrusions have involved Windows.

On 7/23/2024 at 5:50 PM, yamamoto2002 said:

Interesting. so, competitor OS prohibit for 3rd party antivirus to run in kernel mode or patch the kernel, but, Microsoft cannot prohibit them as others did, because of EU region antitrust concerns... It is somewhat difficult to perform recurrence prevention by fixing the root cause.

Not true, you can compile your own Linux kernel including whatever you want.

Now ... your computer might want things *signed* ... in any case if you really want to you can do what you want with your kernel but not causually

also in case you want to spend time and effort: https://www.freecodecamp.org/news/build-a-hackintosh/

8 minutes ago, jabbr said:

Weeeeell ...

 

You notice that Microsoft systems have been far far far more subject to viruses and show stopper bugs than Unix derived e.g Linux, OpenBSD, Apple and the concept that its just because there are so many more Windows installs is false: Microsoft itself uses 'Linux' on its cloud and network OS, as does Google, Meta, Amazon/AWS

 

If the geniouses at Microsoft had included bullet proof anti-virus in their kernel there would be no reason for sus antvirus companies. e.g. Apple sandboxes their iPhone

 

I mean all the real dealbreaker intrusions have involved Windows.

Apparently Microsoft is legally prevented from fixing the gaping hole in its kernel that paved the way for the CrowdStrike fiasco: 

https://www.tomshardware.com/software/windows/microsofts-eu-agreement-means-it-will-be-hard-to-avoid-crowdstrike-like-calamities-in-the-future

1 minute ago, pkane2001 said:

 

Apparently Microsoft is legally prevented from fixing the gaping hole in its kernel that paved the way for the CrowdStrike fiasco: 

 

https://www.tomshardware.com/software/windows/microsofts-eu-agreement-means-it-will-be-hard-to-avoid-crowdstrike-like-calamities-in-the-future

Yeah my point about Linux is that anyone has kernel access and its less subject to these disasters than Windows.

and as I've suggested you can gain access to MacOS kernel if you are sufficiently determined.

If windows wasn't so hackable there wouldn't be a need for third party security 'solutions'. No one is preventing Microsoft from making windows 'as is' secure ... MacOS doesn't get viruses to nearly the extent and there is no need for essentially mandatory third party anti-virus. Linux has an entirely open kernel and also isn't as subject to viruses.

Ummmmm .... ***hardware*** can require kernel drives to be signed eg NVidia graphics